Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/xjw5T6O6UrOY82prUTFDiuXEM4M.roa
File: xjw5T6O6UrOY82prUTFDiuXEM4M.roa (raw, json)
Hash identifier: lB2Ls8pQIlsBJJr7m2TLkmN7if6UTaHII9rLBe0VsSA=
Subject key identifier: C6:3C:39:4F:A3:BA:52:B3:98:F3:6A:6B:51:31:43:8A:E5:C4:33:83
Certificate issuer: /CN=c334a35abfa82d549e490704d68bbe658005d63c
Certificate serial: 36F24A25
Authority key identifier: C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/xjw5T6O6UrOY82prUTFDiuXEM4M.roa
Signing time: Sat 01 Jan 2022 12:06:40 +0000
ROA not before: Sat 01 Jan 2022 12:06:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.104.0/24 maxlen: 24
185.1.101.0/24 maxlen: 24
2001:7f8:bc::/48 maxlen: 48
2001:7f8:be::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 921848357 (0x36f24a25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c334a35abfa82d549e490704d68bbe658005d63c
Validity
Not Before: Jan 1 12:06:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c63c394fa3ba52b398f36a6b5131438ae5c43383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:6b:8d:1b:ed:45:d2:fb:2e:ff:8f:0f:6c:
a7:53:cc:a9:1b:02:d5:e0:ac:b0:2d:70:af:65:1f:
49:98:e5:66:e6:36:95:88:fa:25:d2:4e:93:2a:e2:
b3:c0:57:c7:f8:2b:80:57:4f:c3:53:2e:ed:c4:5e:
15:e3:bd:4e:b7:07:9c:07:53:f3:3d:1b:7f:d3:c1:
e4:11:5f:b2:14:cc:c0:d1:15:d8:59:22:ff:8d:64:
99:93:97:f6:94:c2:a8:15:95:3f:7b:c5:6c:fa:32:
c4:ef:5d:c0:59:68:12:ed:02:db:ed:e7:37:fd:82:
a1:97:d2:0b:cf:c9:a9:85:c8:06:2d:10:ea:3e:d5:
d5:1e:76:49:3b:ae:85:da:a6:ef:4d:d9:96:81:de:
b5:65:4e:58:94:2c:7c:e3:76:44:6c:3d:47:5d:87:
6c:e2:0c:7e:c4:be:c6:75:15:0c:b8:54:f0:6c:a5:
50:9f:c7:08:9b:3e:fe:6a:6d:cf:c5:8c:82:e8:f4:
fb:09:4c:36:0e:8c:a2:70:5d:fc:f8:41:12:61:7d:
08:d6:e7:6c:54:ad:29:44:0a:e8:2a:2a:65:3c:37:
9a:66:79:84:0a:88:d8:de:ca:6e:bc:27:17:d7:ee:
2a:dd:1c:4a:de:12:ef:42:13:32:de:50:53:61:78:
29:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3C:39:4F:A3:BA:52:B3:98:F3:6A:6B:51:31:43:8A:E5:C4:33:83
X509v3 Authority Key Identifier:
keyid:C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/xjw5T6O6UrOY82prUTFDiuXEM4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.101.0/24
185.1.104.0/24
IPv6:
2001:7f8:bc::/48
2001:7f8:be::/48
Signature Algorithm: sha256WithRSAEncryption
a7:76:2b:21:f8:25:bd:5d:b3:72:c3:84:d1:2e:05:6a:dc:f2:
0c:f2:27:8c:6b:4b:11:13:d5:22:48:15:df:58:eb:34:10:16:
a1:f7:96:d4:ab:27:0f:82:f6:a1:24:06:6c:4c:1c:e7:2b:4e:
ff:1c:36:ee:62:c6:4c:d3:e6:ce:85:fa:45:5c:0c:b8:2c:99:
a0:18:d1:23:83:9e:b3:3f:d8:dc:6a:9b:6a:72:ea:1f:18:4e:
68:00:12:b3:d3:71:43:9c:d8:0c:21:87:a5:b3:8a:aa:74:3f:
10:73:3f:46:5f:31:45:78:12:1d:be:0e:69:bd:2a:b6:5b:45:
c0:5e:fe:af:84:bb:64:bb:20:33:e9:24:9e:e0:01:34:a1:ab:
ec:77:5f:3e:2e:64:a0:32:5f:d9:35:53:2d:bc:76:cb:be:aa:
ba:8d:da:58:07:d3:89:bd:2d:af:92:a5:82:84:55:70:5d:11:
e1:a9:2b:de:71:fc:f9:80:b5:07:d3:47:71:9f:ab:a5:4a:bc:
48:58:6d:b9:a1:63:d4:67:6b:7f:ed:54:ed:40:7b:ce:17:1c:
91:36:0a:3d:b6:00:1f:86:42:61:9e:94:a3:e8:99:18:a0:ab:
28:98:80:ee:52:24:7a:b0:6d:70:fe:9a:bc:53:7e:9f:db:6b:
00:d4:a8:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIENvJKJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzM0YTM1YWJmYTgyZDU0OWU0OTA3MDRkNjhiYmU2NTgwMDVkNjNjMB4XDTIyMDEw
MTEyMDY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYzYzM5NGZhM2Jh
NTJiMzk4ZjM2YTZiNTEzMTQzOGFlNWM0MzM4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCUa40b7UXS+y7/jw9sp1PMqRsC1eCssC1wr2UfSZjlZuY2
lYj6JdJOkyris8BXx/grgFdPw1Mu7cReFeO9TrcHnAdT8z0bf9PB5BFfshTMwNEV
2Fki/41kmZOX9pTCqBWVP3vFbPoyxO9dwFloEu0C2+3nN/2CoZfSC8/JqYXIBi0Q
6j7V1R52STuuhdqm703ZloHetWVOWJQsfON2RGw9R12HbOIMfsS+xnUVDLhU8Gyl
UJ/HCJs+/mptz8WMguj0+wlMNg6MonBd/PhBEmF9CNbnbFStKUQK6CoqZTw3mmZ5
hAqI2N7KbrwnF9fuKt0cSt4S70ITMt5QU2F4KRMCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTGPDlPo7pSs5jzamtRMUOK5cQzgzAfBgNVHSMEGDAWgBTDNKNav6gtVJ5J
BwTWi75lgAXWPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d6U2pXci1vTFZTZVNRY0Uxb3UtWllBRjFqdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvMzliMDhkLWViMDEtNDNiMC1iNTZjLTI3Mzg4NGI1M2M2ZS8x
L3hqdzVUNk82VXJPWTgycHJVVEZEaXVYRU00TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
MzliMDhkLWViMDEtNDNiMC1iNTZjLTI3Mzg4NGI1M2M2ZS8xL3d6U2pXci1vTFZT
ZVNRY0Uxb3UtWllBRjFqdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEALkBZQMEALkBaDAYBAIAAjASAwcA
IAEH+AC8AwcAIAEH+AC+MA0GCSqGSIb3DQEBCwUAA4IBAQCndish+CW9XbNyw4TR
LgVq3PIM8ieMa0sRE9UiSBXfWOs0EBah95bUqycPgvahJAZsTBznK07/HDbuYsZM
0+bOhfpFXAy4LJmgGNEjg56zP9jcaptqcuofGE5oABKz03FDnNgMIYels4qqdD8Q
cz9GXzFFeBIdvg5pvSq2W0XAXv6vhLtkuyAz6SSe4AE0oavsd18+LmSgMl/ZNVMt
vHbLvqq6jdpYB9OJvS2vkqWChFVwXRHhqSvecfz5gLUH00dxn6ulSrxIWG25oWPU
Z2t/7VTtQHvOFxyRNgo9tgAfhkJhnpSj6JkYoKsomIDuUiR6sG1w/pq8U36f22sA
1KhI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:24 2023 by rpki-client on console-ams.rpki-client.org